mirror of
https://gitee.com/openharmony/security_selinux
synced 2024-11-26 23:00:22 +00:00
a3a828665d
Signed-off-by: steven_q <qichanggui@huawei.com> Change-Id: Iaef3143b1a49b3d9de8d37d2c00c6428edb410a1
747 lines
19 KiB
Plaintext
747 lines
19 KiB
Plaintext
# Copyright (c) 2021-2023 北京万里红科技有限公司
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
import("//base/startup/init/begetd.gni")
|
|
import("//build/ohos.gni")
|
|
import("selinux.gni")
|
|
|
|
config("selinux_core_config") {
|
|
include_dirs = [
|
|
"interfaces/policycoreutils/include",
|
|
"$THIRD_PARTY_DIR/selinux/libselinux/include",
|
|
]
|
|
}
|
|
|
|
ohos_shared_library("libload_policy") {
|
|
output_name = "libload_policy"
|
|
sources = [ "interfaces/policycoreutils/src/load_policy.cpp" ]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
deps = [
|
|
":libselinux_klog_static",
|
|
"$THIRD_PARTY_DIR/selinux:libselinux",
|
|
]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
install_enable = true
|
|
install_images = [
|
|
"system",
|
|
"ramdisk",
|
|
"updater",
|
|
]
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
ohos_shared_library("librestorecon") {
|
|
output_name = "librestorecon"
|
|
sources = [ "interfaces/policycoreutils/src/selinux_restorecon.c" ]
|
|
public_configs = [ ":selinux_core_config" ]
|
|
deps = [ "$THIRD_PARTY_DIR/selinux:libselinux" ]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
install_enable = true
|
|
install_images = [
|
|
"system",
|
|
"ramdisk",
|
|
"updater",
|
|
]
|
|
innerapi_tags = [ "platformsdk_indirect" ]
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
ohos_shared_library("libhap_restorecon") {
|
|
output_name = "libhap_restorecon"
|
|
sources = [
|
|
"interfaces/policycoreutils/src/hap_restorecon.cpp",
|
|
"interfaces/policycoreutils/src/sehap_contexts_trie.cpp",
|
|
]
|
|
public_configs = [ ":selinux_core_config" ]
|
|
deps = [
|
|
":libselinux_error_static",
|
|
":libselinux_hilog_static",
|
|
"$THIRD_PARTY_DIR/selinux:libselinux",
|
|
]
|
|
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
install_enable = true
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
ohos_static_library("libselinux_error_static") {
|
|
output_name = "libselinux_error_static"
|
|
sources = [ "interfaces/policycoreutils/src/selinux_error.cpp" ]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-w",
|
|
]
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
ohos_static_library("libselinux_klog_static") {
|
|
output_name = "libselinux_klog_static"
|
|
sources = [ "interfaces/policycoreutils/src/selinux_klog.c" ]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
deps = [ "$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared" ]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
ohos_static_library("libselinux_hilog_static") {
|
|
output_name = "libselinux_hilog_static"
|
|
sources = [ "interfaces/policycoreutils/src/selinux_log.c" ]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
deps = [ "$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared" ]
|
|
external_deps = [ "hilog:libhilog" ]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
if (!startup_init_with_param_base) {
|
|
inherited_configs = [
|
|
"$BUILD_CONFIG_DIR/compiler:afdo",
|
|
"$BUILD_CONFIG_DIR/compiler:afdo_optimize_size",
|
|
"$BUILD_CONFIG_DIR/compiler:compiler",
|
|
"$BUILD_CONFIG_DIR/compiler:compiler_arm_fpu",
|
|
"$BUILD_CONFIG_DIR/compiler:compiler_arm_thumb",
|
|
"$BUILD_CONFIG_DIR/compiler:chromium_code",
|
|
"$BUILD_CONFIG_DIR/compiler:default_include_dirs",
|
|
"$BUILD_CONFIG_DIR/compiler:default_optimization",
|
|
"$BUILD_CONFIG_DIR/compiler:default_stack_frames",
|
|
"$BUILD_CONFIG_DIR/compiler:default_symbols",
|
|
"$BUILD_CONFIG_DIR/compiler:export_dynamic",
|
|
"$BUILD_CONFIG_DIR/compiler:no_exceptions",
|
|
"$BUILD_CONFIG_DIR/compiler:no_rtti",
|
|
"$BUILD_CONFIG_DIR/compiler:runtime_library",
|
|
"$BUILD_CONFIG_DIR/compiler:thin_archive",
|
|
"$BUILD_CONFIG_DIR/sanitizers:default_sanitizer_flags",
|
|
]
|
|
}
|
|
|
|
source_set("libselinux_parameter_static") {
|
|
output_name = "libselinux_parameter_static"
|
|
sources = [
|
|
"interfaces/policycoreutils/src/contexts_trie.c",
|
|
"interfaces/policycoreutils/src/selinux_map.c",
|
|
"interfaces/policycoreutils/src/selinux_parameter.c",
|
|
"interfaces/policycoreutils/src/selinux_share_mem.c",
|
|
]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
if (!startup_init_with_param_base) {
|
|
ldflags = [ "-nostdlib" ]
|
|
configs -= inherited_configs
|
|
configs += [ "$BUILD_CONFIG_DIR/compiler:compiler" ]
|
|
}
|
|
}
|
|
|
|
ohos_shared_library("libparaperm_checker") {
|
|
output_name = "libparaperm_checker"
|
|
sources = [ "interfaces/policycoreutils/src/param_checker.c" ]
|
|
public_configs = [ ":selinux_core_config" ]
|
|
deps = [
|
|
":libselinux_klog_static",
|
|
"$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared",
|
|
"$THIRD_PARTY_DIR/selinux:libselinux",
|
|
]
|
|
if (startup_init_with_param_base) {
|
|
deps += [ ":libselinux_parameter_static" ]
|
|
}
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
install_images = [
|
|
"system",
|
|
"updater",
|
|
]
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
ohos_shared_library("libservice_checker") {
|
|
output_name = "libservice_checker"
|
|
sources = [ "interfaces/policycoreutils/src/service_checker.cpp" ]
|
|
public_configs = [ ":selinux_core_config" ]
|
|
deps = [
|
|
":libselinux_error_static",
|
|
":libselinux_hilog_static",
|
|
"$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared",
|
|
"$THIRD_PARTY_DIR/selinux:libselinux",
|
|
]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
innerapi_tags = [ "chipsetsdk" ]
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
ohos_executable("load_policy") {
|
|
install_enable = true
|
|
sources = [ "interfaces/tools/load_policy/load_policy.c" ]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
deps = [ ":libload_policy" ]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
install_images = [
|
|
"system",
|
|
"updater",
|
|
]
|
|
}
|
|
|
|
ohos_executable("restorecon") {
|
|
install_enable = true
|
|
sources = [ "interfaces/tools/restorecon/restorecon.c" ]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
deps = [
|
|
":librestorecon",
|
|
"$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared",
|
|
]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
install_images = [
|
|
"system",
|
|
"updater",
|
|
]
|
|
}
|
|
|
|
ohos_executable("hap_restorecon") {
|
|
install_enable = false
|
|
sources = [ "interfaces/tools/hap_restorecon/test.cpp" ]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
deps = [
|
|
":libhap_restorecon",
|
|
":libselinux_error_static",
|
|
]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
ohos_executable("param_check") {
|
|
install_enable = false
|
|
sources = [ "interfaces/tools/param_check/test.cpp" ]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
deps = [
|
|
":libparaperm_checker",
|
|
":libselinux_error_static",
|
|
":libselinux_parameter_static",
|
|
"$THIRD_PARTY_DIR/selinux:libselinux",
|
|
]
|
|
if (startup_init_with_param_base) {
|
|
deps += [ ":libselinux_parameter_static" ]
|
|
}
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-DTIME_DISPLAY",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
ohos_executable("service_check") {
|
|
install_enable = false
|
|
sources = [ "interfaces/tools/service_check/test.cpp" ]
|
|
include_dirs = [ "interfaces/policycoreutils/include" ]
|
|
deps = [
|
|
":libselinux_error_static",
|
|
":libservice_checker",
|
|
]
|
|
cflags = [
|
|
"-D_GNU_SOURCE",
|
|
"-Wall",
|
|
"-Werror",
|
|
]
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
}
|
|
|
|
debug_version = "disable"
|
|
updater_version = "disable"
|
|
|
|
action("build_policy") {
|
|
if (build_variant == "user") {
|
|
debug_version = "disable"
|
|
} else if (build_variant == "root") {
|
|
debug_version = "enable"
|
|
} else {
|
|
debug_version = "enable"
|
|
}
|
|
|
|
updater_version = "disable"
|
|
|
|
inputs = exec_script("//build/scripts/find.py",
|
|
[ rebase_path("sepolicy") ],
|
|
"list lines")
|
|
if (selinux_build_path != "default") {
|
|
foreach(src, string_split(selinux_build_path, ":")) {
|
|
src = "//" + src
|
|
inputs += exec_script("//build/scripts/find.py",
|
|
[ rebase_path(src) ],
|
|
"list lines")
|
|
}
|
|
}
|
|
|
|
if (special_build_policy_script != "default") {
|
|
script = special_build_policy_script
|
|
} else {
|
|
script = "scripts/build_policy.py"
|
|
}
|
|
|
|
args = [
|
|
"--dst-file",
|
|
rebase_path(target_out_dir + "/policy.31"),
|
|
"--tool-path",
|
|
rebase_path(root_build_dir + "/clang_x64/security/selinux/"),
|
|
"--source-root-dir",
|
|
rebase_path("//"),
|
|
"--policy_dir_list",
|
|
selinux_build_path,
|
|
"--debug-version",
|
|
debug_version,
|
|
"--updater-version",
|
|
updater_version,
|
|
"--components",
|
|
components,
|
|
]
|
|
|
|
if (components != "default") {
|
|
args += [
|
|
"--vendor-policy-version",
|
|
"$vendor_policy_version",
|
|
]
|
|
}
|
|
|
|
if (extra_args != "default") {
|
|
foreach(arg, string_split(extra_args, " ")) {
|
|
args += [ arg ]
|
|
}
|
|
}
|
|
|
|
deps = [
|
|
"$THIRD_PARTY_DIR/selinux:checkpolicy($host_toolchain)",
|
|
"$THIRD_PARTY_DIR/selinux:secilc($host_toolchain)",
|
|
]
|
|
outputs = [
|
|
target_out_dir + "/policy.31",
|
|
target_out_dir + "/vendor.cil",
|
|
target_out_dir + "/prebuild_sepolicy.system.cil.sha256",
|
|
target_out_dir + "/system.cil",
|
|
target_out_dir + "/system.cil.sha256",
|
|
target_out_dir + "/$vendor_policy_version.cil",
|
|
target_out_dir + "/version",
|
|
target_out_dir + "/public.cil",
|
|
]
|
|
}
|
|
|
|
action("build_update_policy") {
|
|
if (build_variant == "user") {
|
|
debug_version = "disable"
|
|
} else if (build_variant == "root") {
|
|
debug_version = "enable"
|
|
} else {
|
|
debug_version = "enable"
|
|
}
|
|
|
|
updater_version = "enable"
|
|
components = "default"
|
|
inputs = exec_script("//build/scripts/find.py",
|
|
[ rebase_path("sepolicy") ],
|
|
"list lines")
|
|
if (selinux_build_path != "default") {
|
|
foreach(src, string_split(selinux_build_path, ":")) {
|
|
src = "//" + src
|
|
inputs += exec_script("//build/scripts/find.py",
|
|
[ rebase_path(src) ],
|
|
"list lines")
|
|
}
|
|
}
|
|
|
|
if (special_build_policy_script != "default") {
|
|
script = special_build_policy_script
|
|
} else {
|
|
script = "scripts/build_policy.py"
|
|
}
|
|
|
|
args = [
|
|
"--dst-file",
|
|
rebase_path(target_out_dir + "/updater/policy.31"),
|
|
"--tool-path",
|
|
rebase_path(root_build_dir + "/clang_x64/security/selinux/"),
|
|
"--source-root-dir",
|
|
rebase_path("//"),
|
|
"--policy_dir_list",
|
|
selinux_build_path,
|
|
"--debug-version",
|
|
debug_version,
|
|
"--updater-version",
|
|
updater_version,
|
|
"--components",
|
|
components,
|
|
]
|
|
|
|
if (extra_args != "default") {
|
|
foreach(arg, string_split(extra_args, " ")) {
|
|
args += [ arg ]
|
|
}
|
|
}
|
|
|
|
deps = [
|
|
"$THIRD_PARTY_DIR/selinux:checkpolicy($host_toolchain)",
|
|
"$THIRD_PARTY_DIR/selinux:secilc($host_toolchain)",
|
|
]
|
|
outputs = [ target_out_dir + "/updater/policy.31" ]
|
|
}
|
|
|
|
action("build_contexts") {
|
|
inputs = exec_script("//build/scripts/find.py",
|
|
[ rebase_path("sepolicy") ],
|
|
"list lines")
|
|
if (selinux_build_path != "default") {
|
|
foreach(src, string_split(selinux_build_path, ":")) {
|
|
src = "//" + src
|
|
inputs += exec_script("//build/scripts/find.py",
|
|
[ rebase_path(src) ],
|
|
"list lines")
|
|
}
|
|
}
|
|
|
|
if (special_build_contexts_script != "default") {
|
|
script = special_build_contexts_script
|
|
} else {
|
|
script = "scripts/build_contexts.py"
|
|
}
|
|
args = [
|
|
"--dst-dir",
|
|
rebase_path(target_out_dir + "/"),
|
|
"--tool-path",
|
|
rebase_path(root_build_dir + "/clang_x64/security/selinux/"),
|
|
"--policy-file",
|
|
rebase_path(target_out_dir + "/policy.31"),
|
|
"--source-root-dir",
|
|
rebase_path("//"),
|
|
"--policy_dir_list",
|
|
selinux_build_path,
|
|
"--components",
|
|
components,
|
|
]
|
|
if (contexts_extra_args != "default") {
|
|
foreach(arg, string_split(contexts_extra_args, " ")) {
|
|
args += [ arg ]
|
|
}
|
|
}
|
|
deps = [
|
|
":build_policy",
|
|
"$THIRD_PARTY_DIR/selinux:sefcontext_compile($host_toolchain)",
|
|
]
|
|
outputs = [
|
|
target_out_dir + "/file_contexts.bin",
|
|
target_out_dir + "/file_contexts",
|
|
target_out_dir + "/sehap_contexts",
|
|
target_out_dir + "/service_contexts",
|
|
target_out_dir + "/hdf_service_contexts",
|
|
target_out_dir + "/parameter_contexts",
|
|
]
|
|
}
|
|
|
|
copy("selinux_config") {
|
|
if (selinux_enforce) {
|
|
sources = [ "config/config.enforce" ]
|
|
} else {
|
|
sources = [ "config/config.permissive" ]
|
|
}
|
|
outputs = [ "$target_out_dir/config" ]
|
|
}
|
|
|
|
copy("updater_selinux_config") {
|
|
sources = [ "config/config.enforce" ]
|
|
outputs = [ "$target_out_dir/updater/config" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("build_sepolicy") {
|
|
deps = [ ":build_policy" ]
|
|
source = target_out_dir + "/policy.31"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
if (components == "vendor") {
|
|
relative_install_dir = "selinux/prebuild_sepolicy/"
|
|
install_images = [ "vendor" ]
|
|
} else if (components == "default") {
|
|
relative_install_dir = "selinux/targeted/policy/"
|
|
install_images = [ "system" ]
|
|
}
|
|
}
|
|
|
|
ohos_prebuilt_etc("build_updater_sepolicy") {
|
|
deps = [ ":build_update_policy" ]
|
|
source = target_out_dir + "/updater/policy.31"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/targeted/policy/"
|
|
install_images = [ "updater" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("selinux_version") {
|
|
deps = [ ":build_policy" ]
|
|
source = target_out_dir + "/version"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/"
|
|
install_images = [ "vendor" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("config") {
|
|
deps = [ ":selinux_config" ]
|
|
source = target_out_dir + "/config"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/"
|
|
install_images = [ "system" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("updater_config") {
|
|
deps = [ ":updater_selinux_config" ]
|
|
source = target_out_dir + "/updater/config"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/"
|
|
install_images = [ "updater" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("sehap_contexts") {
|
|
deps = [ ":build_contexts" ]
|
|
source = target_out_dir + "/sehap_contexts"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/targeted/contexts/"
|
|
}
|
|
|
|
ohos_prebuilt_etc("parameter_contexts") {
|
|
deps = [ ":build_contexts" ]
|
|
source = target_out_dir + "/parameter_contexts"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/targeted/contexts/"
|
|
install_images = [
|
|
"system",
|
|
"updater",
|
|
]
|
|
}
|
|
|
|
ohos_prebuilt_etc("service_contexts") {
|
|
deps = [ ":build_contexts" ]
|
|
source = target_out_dir + "/service_contexts"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/targeted/contexts/"
|
|
}
|
|
|
|
ohos_prebuilt_etc("hdf_service_contexts") {
|
|
deps = [ ":build_contexts" ]
|
|
source = target_out_dir + "/hdf_service_contexts"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/targeted/contexts/"
|
|
}
|
|
|
|
ohos_prebuilt_etc("file_contexts") {
|
|
deps = [ ":build_contexts" ]
|
|
source = target_out_dir + "/file_contexts"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/targeted/contexts/"
|
|
if (components == "vendor") {
|
|
install_images = [ "vendor" ]
|
|
} else {
|
|
install_images = [
|
|
"system",
|
|
"updater",
|
|
]
|
|
}
|
|
}
|
|
|
|
ohos_prebuilt_etc("vendor_cil") {
|
|
deps = [ ":build_policy" ]
|
|
source = target_out_dir + "/vendor.cil"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/"
|
|
install_images = [ "vendor" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("public_cil") {
|
|
deps = [ ":build_policy" ]
|
|
source = target_out_dir + "/public.cil"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/"
|
|
install_images = [ "vendor" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("version_cil") {
|
|
deps = [ ":build_policy" ]
|
|
source = target_out_dir + "/$vendor_policy_version.cil"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/compatible/"
|
|
install_images = [ "system" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("prebuild_sepolicy_system_cil_sha256") {
|
|
deps = [ ":build_policy" ]
|
|
source = target_out_dir + "/prebuild_sepolicy.system.cil.sha256"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/"
|
|
install_images = [ "vendor" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("system_cil") {
|
|
deps = [ ":build_policy" ]
|
|
source = target_out_dir + "/system.cil"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/"
|
|
install_images = [ "system" ]
|
|
}
|
|
|
|
ohos_prebuilt_etc("system_cil_sha256") {
|
|
deps = [ ":build_policy" ]
|
|
source = target_out_dir + "/system.cil.sha256"
|
|
license_file = "LICENSE"
|
|
part_name = "selinux"
|
|
subsystem_name = "security"
|
|
relative_install_dir = "selinux/"
|
|
install_images = [ "system" ]
|
|
}
|
|
|
|
group("selinux_group") {
|
|
if (build_selinux) {
|
|
deps = [
|
|
":build_updater_sepolicy",
|
|
":config",
|
|
":file_contexts",
|
|
":hap_restorecon",
|
|
":hdf_service_contexts",
|
|
":load_policy",
|
|
":param_check",
|
|
":parameter_contexts",
|
|
":restorecon",
|
|
":sehap_contexts",
|
|
":service_check",
|
|
":service_contexts",
|
|
":updater_config",
|
|
"$THIRD_PARTY_DIR/selinux:checkpolicy($host_toolchain)",
|
|
"$THIRD_PARTY_DIR/selinux:chkcon",
|
|
"$THIRD_PARTY_DIR/selinux:getenforce",
|
|
"$THIRD_PARTY_DIR/selinux:getfilecon",
|
|
"$THIRD_PARTY_DIR/selinux:getpidcon",
|
|
"$THIRD_PARTY_DIR/selinux:secilc",
|
|
"$THIRD_PARTY_DIR/selinux:secilc($host_toolchain)",
|
|
"$THIRD_PARTY_DIR/selinux:sefcontext_compile($host_toolchain)",
|
|
"$THIRD_PARTY_DIR/selinux:selinux_check_access",
|
|
"$THIRD_PARTY_DIR/selinux:selinuxexeccon",
|
|
"$THIRD_PARTY_DIR/selinux:setenforce",
|
|
"$THIRD_PARTY_DIR/selinux:setfilecon",
|
|
]
|
|
if (components == "system") {
|
|
deps += [
|
|
":system_cil",
|
|
":system_cil_sha256",
|
|
":version_cil",
|
|
]
|
|
} else if (components == "vendor") {
|
|
deps += [
|
|
":build_sepolicy",
|
|
":prebuild_sepolicy_system_cil_sha256",
|
|
":public_cil",
|
|
":selinux_version",
|
|
":vendor_cil",
|
|
]
|
|
} else {
|
|
deps += [ ":build_sepolicy" ]
|
|
}
|
|
}
|
|
}
|